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ABSTRACT 

Pattern classification systems based on machine 
learning algorithms are commonly used in security- 
related applications like biometric authentication, 
network intrusion detection, and spam filtering, to 
discriminate between a “legitimate” and a “malicious” 
pattern class., in which data can be purposely 
manipulated by humans to undermine their operation. 
As this adversarial scenario is not taken into account 
by classical design methods, pattern classification 
systems may exhibit vulnerabilities, whose 
exploitation may severely affect their performance, 
and consequently limit their practical utility. Pattern 
classification theory and design methods to 
adversarial settings. Here, propose a framework for 
empirical evaluation of classifier security that 
formalizes and generalizes the main ideas proposed in 
the literature, and give examples of its use in real 
applications. Reported results show that security 
evaluation can provide a more complete 
understanding of the classifier’s behaviour in 
adversarial environments, and lead to better design 
choices. This framework can be applied to different 
classifiers on one of the application from the spam 
filtering, biometric authentication and network 
intrusion detection. So in this propose an algorithm 
for the generation of training and testing sets to be 
used for security evaluation. Now result shows 
providing security to system using application as 
blogger for this applying spam filtering, biometric 
authentication methods. That shows pattern 
classification for detecting spam comments which 
easy to detect spam. Multimodal System means that 
using different inputs system will stored the data for 
testing and training generation for provide highly 
security. 
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I. INTRODUCTION 

Security evaluation of pattern classifiers under attack 
describes pattern classification systems problems 
because of different attacks. 

Pattern classification system are based on machine 
learning algorithms are commonly used in security- 
related applications like biometric authentication, 
network intrusion detection, and spam filtering. 
Contrary to traditional ones, these Applications have 
an intrinsic adversarial nature since the input data can 
be purposely manipulated by an intelligent and 
adaptive adversary to undermine classifier operation. 
This often gives rise to an arms race between the 
adversary and the classifier designer, examples of 
attacks against pattern classifiers are: submitting a 
fake biometric trait to a biometric authentication 
system (spoofing attack); modifying network packets 
belonging to intrusive traffic to evade intrusion 
detection systems (IDSs); manipulating the content of 
spam emails to get them past spam filters (e.g., by 
misspelling common spam words to avoid their 
detection). 

It is now acknowledged that, since pattern 
classification systems based on classical theory and 
design methods do not take into account adversarial 
settings, they exhibit vulnerabilities to several 
potential attacks, allowing adversaries to undermine 
their effectiveness. A systematic and unified treatment 
of this issue is thus needed to allow the trusted 
adoption of pattern classifiers in adversarial 
environments. A framework is used for evaluation of 
classifier security that formalizes and generalizes the 
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training and testing datasets. Results show that 
security evaluation can provide a more complete 
understanding of the classifier’s behaviour in 
adversarial environments, and lead to better design 
choices. Adversarial machine learning is a research 
field that lies at the intersection of machine learning 
and computer security. In the previous sections, we 
introduced the problem of pattern recognition and 
adversarial classification. 

In Design pattern classification under attack using a 
framework for empirical evaluation of classifier 
security that formalizes and generalizes the main 
ideas proposed in the literature, and give examples of 
its use in real applications. Reported results show that 
security evaluation can provide a more complete 
understanding of the classifier’s behavior in 
adversarial environments, and lead to better design 
choices. This framework can be applied to different 
classifiers on one of the application from the spam 
filtering, and network intrusion detection. Considering 
Multimodal system is the security of account when 
one of the modes is successfully spoofed, that the 
proposed methodology to rank score fusion rules is 
capable of providing correct ranking of score fusion 
rules under spoof attack .Spoofing attacks where one 
person or program purposely falsifying data and there 
by gaining an illegitimate advantage. It discusses how 
the classical design cycle of pattern classifiers should 
be revised to take security into account. 


II. Literature Review 

In this review on previous work, Security Evaluation 
of Pattern classification systems based on machine 
learning algorithms are commonly used in security- 
related applications like biometric authentication, 
network intrusion detection, and spam filtering, to 
discriminate between a “legitimate” and a “malicious” 
pattern class[l][2]. Pattern classification systems 
based on classical theory and design methods do not 
take into account adversarial settings. They exhibit 
vulnerabilities to several potential attacks, allowing 
adversaries to undermine their effectiveness [3], 
Biometric systems have been found to be useful tools 
for person identification and verification. 

A biometric characteristic is any physiological of 
behavioural trait of a person that can be used to 
distinguish that person from other people [2] [6]. 
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Spoof attacks consist in submitting fake biometric 
traits to biometric systems [2] [4], and this is a major 
threat in security. 

The presence of an intelligent and adaptive adversary 
makes the classification problem highly non- 
stationary[l], and makes it difficult to predict how 
many and which kinds of attacks a classifier will be 
subject to during operation, that is, how the data 
distribution will change. In particular, the testing data 
processed by the trained classifier can be affected by 
both exploratory and causative attacks, while the 
training data can only be affected by causative 
attacks, In both cases, during operation, testing data 
may follow a different distribution than that of 
training data, when the classifier is under attack. 
Therefore, security evaluation cannot be carried out 
according to the classical paradigm of performance 
evaluation [1][2][3]. 

Security problems often lead to a “reactive” arms race 
between the adversary and the classifier designer [2], 
At each step, the adversary analyzes the classifier 
defences, and develops an attack strategy to overcome 
them [1], Many authors implicitly performed security 
evaluation as a what-if analysis, based on empirical 
simulation methods; they mainly focused on a specific 
application, classifier and attack, their goal was either 
to point out a previously unknown vulnerability, or to 
evaluate security against a known attack. 

A. Previous Review On Security Evaluation 

Many authors implicitly performed security 
evaluation as a what-if analysis, based on empirical 
simulation methods; however, they mainly focused on 
a specific application, classifier and attack, and 
devised ad hoc security evaluation procedures based 
on the exploitation of problem knowledge and 
heuristic techniques. Their goal was either to point out 
a previously unknown vulnerability, or to evaluate 
security against a known attack. 

III. PROPOSED WORK 

In this proposed work we address issues above by 
developing a framework for the empirical evaluation 
of classifier security at design phase that extends the 
model selection and performance evaluation steps of 
the classical design cycle. We summarize previous 
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work, and point out three main ideas that emerge from > Adversarial classification 

it. We then formalize and generalize them in our > Security modules 

framework. 


• To pursue security in the context of an arms race it 
is not sufficient to react to observed attacks, but it 
is also necessary to proactively anticipate the 
adversary by predicting the most relevant, 
potential attacks through a what-if analysis; this 
allows one to develop suitable countermeasures 
before the attack actually occurs, according to the 
principle of security by design. 

• To provide practical guidelines for simulating 
realistic attack scenarios, we define a general 
model of the adversary, in terms of her goal, 
knowledge, and capability, which encompass and 
generalize models proposed in previous work. 

• Since the presence of carefully targeted attacks 
may affect the distribution of training and testing 
data separately, we propose a model of the data 
distribution that can formally characterize this 
behavior, and that allows us to take into account a 
large number of potential attacks; 

• Also propose an pattern classifier for security 
evaluation, which can naturally accommodate 
application-specific and heuristic techniques for 
simulating attacks. 

A. Framework 

In this work we create a new framework to provide 
security to adversarial application, we address issues 
developing a framework for the empirical evaluation 
of classifier security also propose algorithm used for 
security evaluation and generation of training and 
testing sets, when user wants to enter into the system 
first user log in into the system if user is a 
authenticated person and he enter correct user id, 
password and also correct pattern only then system 
permit user to access the system. If enter pattern is 
wrong then pattern manager manage or classify the 
pattern and provide more security the user account. 
And also provide account information to user. In the 
proposed system pattern manager find out the pattern 
of attack and provide security to user account before 
attack is completed. We define a general models :- 

1. Modules: 

> Attack Scenario and Model of the Adversary 

> Pattern Classification 


The definition of attack scenarios is ultimately an 
application-specific issue, it is possible to give general 
guidelines that can help the designer of a pattern 
recognition system. 

Pattern classification is the scientific discipline whose 
goal is to classify the objects into a number of classes 
or categories, depending on the type of application, 
these objects may be any type of measurements, 
images or signal waveforms that need to be classified. 

In pattern classification, typically a set of patterns (the 
raw data), whose class is unknown, is given. In 
addition, proper actions can be taken based on the 
outcome of the pattern classification, a classifier is 
designed by training it on a set of patterns (samples or 
feature vectors) whose true class is known referred 
also as training set or design set, to find a 
classification function. 
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Figure 1.1: The basic stages involved in the design of a pattern classification system. 

Figure 1.1 shows the various stages followed for the 
design of a pattern classification system. The first step 
is to collect a pre-processed set of training samples. 

The role of data pre-processing module is therefore to 
segment the pattern of interest from the background, 
remove noise and any other operation which will 
contribute in defining a compact representation of the 
pattern. Features are then extracted from each training 
sample. In practice, a larger than necessary number of 
feature candidates is generated and then the best of 
them are adopted. The classifier, which is chosen 
among different algorithms, is trained on appropriate 
features. Finally, once the classifier has been designed 
(trained), one can evaluate the performance of the 
designed classifier. 
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1.2. Objectives. 

2. Our future work will be devoted to develop 
techniques for simulating attacks for different 
applications. 

3. Prevents developing novel methods to assess 
classifier security against these attacks. 

4. The presence of an intelligent and adaptive 
adversary makes the classification problem highly 
non-stationary. 

5. We also propose an algorithm for the generation 
of training and testing sets to be used for security 
evaluation, which can naturally accommodate 
application-specific and heuristic techniques for 
simulating attacks. 

B. System Architecture 

The main goal is difficult to represent to escape the 
design classifiers in the Adversarial Classification 
Problems with the help of the framework. An artifice 
for providing the security for classifier designer is to 
mask the data to the Adversary. In the case of Arms- 
race, it is not possible to recommend how many and 
what type of attacks a classifier will incur during 
operation, the classifier security should proactively 
evaluate using a what-if analysis, by simulating 
potential attack scenarios. The primary goal is to 
formulate or model the adversary as the optimization 
of an actual function. The effective simulation of 
attack scenarios requires a formal model of the 
adversary. In many cases, according to the knowledge 
of classifier and capability of manipulation of data, 
the adversary acts rationally to attain a goal of 
security evaluation. 

Our main goal is to provide a quantitative and 
general-purpose basis for the application of the what- 
if analysis to classifier security evaluation, based on 
the definition of potential attack scenarios. Our main 
goal is to provide a quantitative and general-purpose 
basis for the application of the what-if analysis to 
classifier security evaluation, based on the definition 
of potential attack scenarios. 



Figure 2. System Architecture 
VI. SYSTEM DESIGN 

It shows that how to intruder trying to penetrate 
system using different source which try to harm 
system or manipulate information which is not 
detecting by system. To avoid this problems system 
using different applications that are set of algorithms 
which detect unusual traffic and spamming. System 
trying to provide security through applications that 
intruder trying to attacks. 

Below shows the intruder to legitimate system 
diagram that easy to understand. 
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Figure 3. Intruder to legitimate system 

This is system diagram that shows are intruder trying 
to penetrate to system and how to system detect this 
using spamming, and unusual traffic. Using attack 
classifiers concept our system using spam filters and 
biometric simulation methods to become strong 
system. 

V. Execution Details 

This section presents the detailed information about 
the classification techniques in data mining in order to 
demonstrate the complete process. Firstly, after 
starting the system shown to the user is as follows. In 
our system a new concept added i.e. Multimodal 
System. So this mean that using different inputs 
system will stored the data for testing and training 
generation for provide highly security. User can sign 
in using different inputs password that using 
biometric simulation as password in that it choose 
image as password in sign in using face and in sign in 
it takes as password as basic password on home page, 


system using blog for performing operation. Blogger 
is a website that displays postings views, thoughts. A 
person who keeps a web log(blog), An online diary, a 
personal chronological log of thoughts published on a 
web page, also called web log. 

Spam filter is a program that is a program that is used 
to detect unsolicited and unwanted data. And prevent 
this using blog in our blog users posts comments that 
comments are detecting by admin. 

Admin has to authority to check comments and using 
the knowledge he decides that comments will 
approved or reject. Because of this it prevents our 
system from vulnerabilities also admin can guide to 
users for comments that why this comments approved 
or reject. Then admin and users both can add new post 
on blog. 

For security evaluation our system used IP address 
concept it means when user post comments on blog 
from their systems, it will stored their system IP 
address from this IP address we can find malicious 
users that will help in future. 

VI. CONCLUSION 

In this Paper our main contribution is a framework for 
empirical security evaluation that formalizes and 
generalizes ideas from previous work, and can be 
applied to different classifiers, learning algorithms, 
and classification tasks. It is grounded on a formal 
model of the adversary, and on a model of data 
distribution that can represent all the attacks 
considered in previous work, provides a systematic 
method for the generation of training and testing sets 
that enables security evaluation; application-specific 
techniques for attack simulation. This is a clear 
advancement with respect to previous work, since 
without a general framework most of the proposed 
techniques could not be directly applied to other 
problems. By combining multiple sources of 
information, these systems improve matching 
performance, also the paper focused on innovative 
security evaluation of pattern classifiers that deployed 
in adversarial environments and analyzing on security 
evaluation of pattern classification under attack 
applying various methods. 
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